Created attachment 796603
Detailed configuration and actual results for all scenarios
Description of problem:
Parameters in /etc/sysctl.d/* do not override parameters in /usr/lib/sysctl.d/* when processed by systemd-sysctl.
systemd-sysctl shall process parameters the same way as sysctl --system, specifically if a parameter is defined multiple times the last value shall be used.
Version-Release number of selected component (if applicable):
systemd-204-11.fc19.x86_64
How reproducible:
*****************************************************************
* Scenario A Naive attempt to use own sysctl configuration file *
*****************************************************************
Steps to Reproduce:
1. Create a file /etc/sysctl.d/ipv4_rp_filter_local.conf
net.ipv4.conf.default.rp_filter = 2
2. Reboot the system and check rp_filter parameters
sysctl -a | fgrep .rp_filter
Actual results:
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.p4p1.rp_filter = 1
Expected results:
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.p4p1.rp_filter = 2
**********************************************************************
* Scenario B Naive attempt to use /etc/sysctl.d/50-default.conf file *
**********************************************************************
Steps to Reproduce:
1. Copy /usr/lib/sysctl.d/50-default.conf to /etc/sysctl.d/50-default.conf. Edit /etc/sysctl.d/50-default.conf and change line net.ipv4.conf.default.rp_filter = 1 to
net.ipv4.conf.default.rp_filter = 2
2. Reboot the system and check rp_filter parameters
sysctl -a | fgrep .rp_filter
Actual results: Same as in scenario A
Expected results: Same as in scenario A
******************************************************************************
* Scenario C Another naive attempt to use /etc/sysctl.d/50-default.conf file *
******************************************************************************
Steps to Reproduce:
1. Create a file /etc/sysctl.d/ipv4_rp_filter_local.conf
net.ipv4.conf.default.rp_filter = 2
2. Copy /usr/lib/sysctl.d/50-default.conf to /etc/sysctl.d/50-default.conf. Comment out line net.ipv4.conf.default.rp_filter = 1
3. Reboot the system and check rp_filter parameters
sysctl -a | fgrep .rp_filter
Actual results: Same as in scenario A
Expected results: Same as in scenario A
*********************************************************
* Scenario D Fix /usr/lib/sysctl.d/50-default.conf file *
*********************************************************
Note that it is not a good workaround, as updating systemd will restore the file.
Steps to Reproduce:
1. Edit /usr/lib/sysctl.d/50-default.conf file and comment out line net.ipv4.conf.default.rp_filter = 1
2. Reboot the system and check rp_filter parameter
sysctl -a | fgrep .rp_filter
Actual & expected results are the same:
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.p4p1.rp_filter = 2
Additional info:
Note 1.
systemctl systemd-sysctl.service status output contains lines similar to
systemd-sysctl[674]: Duplicate assignment of net/ipv4/conf/default/rp_filter in file '/etc/sysctl.d/ipv4_rp_filter_local.conf', ignoring.
systemd-sysctl[715]: Duplicate assignment of net/ipv4/conf/default/rp_filter in file '/etc/sysctl.d/50-defaults.conf', ignoring.
Note 2. systemd-sysctl behavior is not expected and is not reasonable:
- it does not allow parameters override, so if a parameter is set in some /usr/lib/sysctl.d file it cannot be later changed in /etc/sysctl.d file
- it does not treat files with the same name in any special way, so it parses /usr/lib/sysctl.d/50-defaults.conf file even if /etc/sysctl.d/50-defaults.conf file exists
Note 3. sysctl --system processes all config files one after another, all parameters in the files one after another, so the last value wins. There are no error messages if some parameter is defined in multiple files.
systemd-sysctl shall do its processing the same way as sysctl --system
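
Added example, not part of the original report and not systemd or procps code: a small Python model of the two merge policies the report contrasts, "duplicate assignment ignored" (Note 1) versus "last value wins" (Note 3), which also reports the file that supplied each effective value. The file contents, their processing order and the names `parse_conf` and `resolve` are assumptions constructed for illustration, modelled on Scenario A.

```python
# Added example: constructed file contents modelled on Scenario A of the report.
FILES = [  # processing order is an assumption (consistent with the log in Note 1)
    ("/usr/lib/sysctl.d/50-default.conf",
     "# constructed sample\nnet.ipv4.conf.default.rp_filter = 1\n"),
    ("/etc/sysctl.d/ipv4_rp_filter_local.conf",
     "net.ipv4.conf.default.rp_filter = 2\n"),
]


def parse_conf(text):
    """Yield (key, value) pairs, skipping blank lines and '#'/';' comments."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        key, sep, value = line.partition("=")
        if sep:
            yield key.strip(), value.strip()


def resolve(files, policy):
    """Return (effective, duplicates) for policy 'first-wins' or 'last-wins'.

    effective maps key -> (value, source file);
    duplicates lists (key, file) for every repeated assignment.
    """
    if policy not in ("first-wins", "last-wins"):
        raise ValueError(policy)
    effective, duplicates = {}, []
    for path, text in files:
        for key, value in parse_conf(text):
            if key in effective:
                duplicates.append((key, path))
                if policy == "first-wins":
                    continue  # later assignment ignored, as in Note 1
            effective[key] = (value, path)
    return effective, duplicates


if __name__ == "__main__":
    for policy in ("first-wins", "last-wins"):
        eff, dups = resolve(FILES, policy)
        for key, (value, src) in sorted(eff.items()):
            print(f"{policy}: {key} = {value}  (from {src})")
        for key, path in dups:
            print(f"{policy}: duplicate {key} in {path}")
```

The duplicates list is the useful part for auditing: any key that appears in it depends on processing order for its final value.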